Lucene search
Veracode Vulnerability DatabaseVERACODE:13547HistoryMar 27, 2019 - 3:02 a.m.
Cross-site Scripting(XSS)
2019-03-2703:02:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
EPSS
0.001
Percentile
37.0%
com.liferay.knowledge.base.service is vulnerable to cross-site scripting (XSS). The vulnerability exists because it does not properly sanitize the user-provided parameters such as userId, allowing a remote attacker to inject arbitrary Javascript into the victimβs browser.
Related
cvelist
cvelist
CVE-2017-12647
2017-08-07 16:00:00
prion
prion
Cross site scripting
2017-08-07 16:29:00
nvd
nvd
CVE-2017-12647
2017-08-07 16:29:00
cve
cve
CVE-2017-12647
2017-08-07 16:29:00